user does not have access to prisma.public

[mattruddy]

I keep getting an error when ever starting up the application that the user doesnt have access to the database. Any idea what this could be?

Authentication failed against database server at 'localhost', the provided database credentials for 'johndoe' are not valid.

[wangel13]

Hello @mattruddy ! I plan to update to new Prisma this week. And then i check your issue in new version. Stay tuned :D

[nrgapple]

@wangel13 awesome news! This is a really great template. Its really the only of its kind.

If you have time can you add a user profile query? I'm having trouble getting the session for a user and the rest of their profile on a query.

Think if there was a Profile table. And one of the queries was to get the signed in user's Profile. (You don't actually have to make a Profile table but maybe a query where you use the user session to get something. Like maybe itself. haha

Thanks again

[nrgapple]

Would graphql/context createContext be something like this to pass the session into the resolvers?

export const createContext = async ({ res, req }): Promise<Context> => {
    const session = await getSession({ req });
    return {prisma, res, req, session };
}

I'm guessing we would have to extend the Context interface too since session is not a part of it

[nrgapple]

graphql-nexus/nexus-plugin-prisma#1039 (comment)

Ok I get it now. so you use next-auth api to get a session and then use next-auth/client in isAuthenticated to set the user's permissions in that shield package you are using. So in its current state would that mean the user would have full crud access to all the users? Like right now an authed user could just query for all users' data

[wangel13]

You can use shield for some checks like isAuthenticated, isAuthor, isAdmin or etc...

user would have full crud access to all the users

in example query - yes, but you can write your own rules

[nrgapple]

ahh now I get it. I should have read the docs for graphql-shield

[wangel13]

const isAuthenticated = rule({ cache: 'contextual' })(async (parent, args, ctx, info) => {
  return ctx.user !== null
})

const isAdmin = rule({ cache: 'contextual' })(async (parent, args, ctx, info) => {
  return ctx.user.role === 'admin'
})

const isEditor = rule({ cache: 'contextual' })(async (parent, args, ctx, info) => {
  return ctx.user.role === 'editor'
})

// Permissions

const permissions = shield({
  Query: {
    frontPage: not(isAuthenticated),
    fruits: and(isAuthenticated, or(isAdmin, isEditor)),
    customers: and(isAuthenticated, isAdmin),
  },
  Mutation: {
    addFruitToBasket: isAuthenticated,
  },
  Fruit: isAuthenticated,
  Customer: isAdmin,
})

https://graphql-shield.vercel.app/docs#example

[nrgapple]

Awesome I guess the only question still is how do I get a reference to the signed in user in the resolver?

export const Queries = extendType({
  type: 'Query',
  definition: (t) => {
    t.field('example', {
      type: 'Example',
      resolve: async (_parent, _args, _ctx) => {
        return {
          message: 'Hello there!',
        }
      },
    })
  },
})

[wangel13]

Like this:

export const Queries = extendType({
  type: 'Query',
  definition: (t) => {
    t.field('example', {
      type: 'Example',
      resolve: async (_parent, _args, _ctx) => {
        const session = await getSession({ req: _ctx.req })
        console.log(session)
        return {
          message: 'Hello there!',
        }
      },
    })
  },
})

[wangel13]

and don't forget, you have prisma in ctx so you can query in rules and queries :D

[nrgapple]

Thanks this helps a lot

[wangel13]

Feel free to ask ;)

[nrgapple]

export const Queries = extendType({
    type: 'Query',
    definition: (t) => {
      t.field('example', {
        type: 'Example',
        resolve: async (_parent, _args, {req, prisma}) => {
            const session = await getSession({ req: _ctx.req })
            return await prisma.user.findFirst()
                .where ({
                    email: session?.user?.email
                })
        },
      })
    },
  })

so something like that

[wangel13]

@mattruddy Check new version plz..

[deadcoder0904]

hey @wangel13 this is really helpful. found this while searching on sourcegraph.

i've copied your code but i am unable to access getSession. it always returns null. the only thing different is i'm using next-auth v4. this is my repo (prisma branch) → https://github.com/deadcoder0904/twitter-api-v2-3-legged-login-using-next-connect/tree/prisma

can you tell me what i'm doing wrong? struggling to getSession so i can query. i always get Not Authorized when i put this inside http://localhost:3000/api:

# Write your query or mutation here
{
  currentUser(id: "ckv226a840006k9v5ua3xvgsk") {
    id
    name
    username
    email
  }
}

despite my code looks similar to yours.

[wangel13]

Hello! I think this problem connected with maticzav/graphql-middleware#433
Downgrade graphql-shield or wait for new version ;)